Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106241 EXPLOITDB python
Croogo 2.0.0 - Arbitrary PHP Code Execution
by LiquidWorm
EIP-2026-105812 EXPLOITDB text
Change CMS 3.6.8 - Multiple Cross-Site Request Forgery Vulnerabilities
by Krusty Hack
EIP-2026-102267 EXPLOITDB text
PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass
by Vulnerability-Lab
CVE-2014-7281 EXPLOITDB html
Tenda A32 Firmware 5.07.53_CN - Cross-Site Request Forgery via SysToolReboot
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.
by zixian
EIP-2026-101570 EXPLOITDB text
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
by dun
CVE-2014-2021 EXPLOITDB python
vBulletin < 4.2.2 and 5.0.x-5.0.5 - Authenticated Stored Cross-Site Scripting via XMLRPC API Client Name
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name.
by tintinweb
CVE-2014-2022 EXPLOITDB python
vBulletin < 4.2.2 - Authenticated SQL Injection via XMLRPC API conceptid Argument
SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.
by tintinweb
CVE-2014-1603 EXPLOITDB text
GetSimple CMS 3.3.1 - Cross-Site Scripting via admin/load.php or admin/settings.php
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.php.
by Pedro Ribeiro
CVE-2014-0334 EXPLOITDB text
CMS Made Simple - Authenticated Stored Cross-Site Scripting via Multiple Admin Parameters
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) the htmlblob parameter to admin/addhtmlblob.php, the (3) title or (4) url parameter to admin/addbookmark.php, (5) the stylesheet_name parameter to admin/copystylesheet.php, (6) the template_name parameter to admin/copytemplate.php, the (7) title or (8) url parameter to admin/editbookmark.php, (9) the template parameter to admin/listtemplates.php, or (10) the css_name parameter to admin/listcss.php, a different issue than CVE-2014-2092.
by Pedro Ribeiro
CVE-2014-2922 EXPLOITDB text
pimcore 1.4.9-2.1.0 - PHP Object Injection and Arbitrary File Deletion via Newsletter Token Deserialization
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object.
by Pedro Ribeiro
CVE-2014-4872 EXPLOITDB text
BMC Track-It! 11.3.0.355 - Unauthenticated Remote Code Execution via .NET Remoting
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.
by Pedro Ribeiro
CVE-2014-6287 EXPLOITDB CRITICAL ruby VERIFIED
Rejetto HTTP File Server <2.3c - RCE
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
by Metasploit
CVSS 9.8
CVE-2014-2928 EXPLOITDB ruby VERIFIED
F5 BIG-IP - Remote Code Execution via iControl API Hostname Element
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.
by Metasploit
CVE-2014-6446 EXPLOITDB ruby VERIFIED
Infusionsoft Gravity Forms 1.5.3-1.5.10 - Unauthenticated Arbitrary File Upload and Remote Code Execution
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly restrict access, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code via a request to utilities/code_generator.php.
by Metasploit
CVE-2014-7280 EXPLOITDB text VERIFIED
Tenable Nessus <2.3.4 Build #85 - XSS
Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
by Frank Lycops
CVE-2014-5207 EXPLOITDB c
Linux Kernel < 3.16.1 - Privilege Escalation via Bind Mount Remount
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
by Andy Lutomirski
EIP-2026-102480 EXPLOITDB text
DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities
by Digital Misfits
EIP-2026-103357 EXPLOITDB c
OpenSSH < 6.6 SFTP (x64) - Command Execution
by Jann Horn
CVE-2009-1324 EXPLOITDB perl VERIFIED
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long URI in Playlist File
Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by Amir Tavakolian
EIP-2026-100354 EXPLOITDB text
HttpCombiner ASP.NET - Remote File Disclosure
by Le Ngoc Son
CVE-2014-7910 EXPLOITDB python VERIFIED
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Phil Blank
CVE-2014-6278 EXPLOITDB HIGH python VERIFIED
GNU Bash through 4.3 bash43-026 - Remote Code Execution via Environment Variable Function Parsing
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
by Federico Galatolo
CVSS 8.8
EIP-2026-100920 EXPLOITDB text
Ultra Electronics 7.2.0.19/7.4.0.7 - Multiple Vulnerabilities
by OSI Security
CVE-2014-7910 EXPLOITDB ruby VERIFIED
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Fady Mohammed Osman
CVE-2014-7169 EXPLOITDB CRITICAL text
GNU Bash < 4.3 - Remote Code Execution via Malformed Environment Variable Function Definitions
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
by hobbily plunt
CVSS 9.8